CVE-2008-4554

Published: 15 October 2008

The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.

From the Ubuntu Security Team

Olaf Kirch and Miklos Szeredi discovered that the Linux kernel did not correctly reject the "append" flag when handling file splice requests. A local attacker could bypass append mode and make changes to arbitrary locations in a file. This issue only affected Ubuntu 7.10 and 8.04.
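A regression check for the behaviour described above, as an added example (not code from this page, Ubuntu, or the kernel tree): it splices a few bytes from a pipe into a descriptor opened with O_APPEND and reports whether the kernel refuses the call with EINVAL and leaves the file unchanged, which is what a fixed kernel does. The function name `splice_append_rejected` and the scratch path under /tmp are assumptions made for the example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns 1 if splice() into an O_APPEND fd fails with EINVAL and the file
 * is unchanged, 0 if the splice was accepted, -1 if setup failed. */
int splice_append_rejected(void)
{
    char path[] = "/tmp/splice_append_XXXXXX"; /* constructed scratch file */
    const char seed[] = "original\n", data[] = "XXXX";
    const ssize_t seed_len = sizeof seed - 1, data_len = sizeof data - 1;
    int pfd[2], rejected, result = -1;
    ssize_t n;
    struct stat st;
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    if (write(fd, seed, seed_len) != seed_len)
        goto out;
    close(fd);
    fd = open(path, O_WRONLY | O_APPEND);
    if (fd < 0 || pipe(pfd) < 0)
        goto out;
    if (write(pfd[1], data, data_len) != data_len)
        goto out_pipe;
    /* NULL offsets: an accepted splice writes at the file position, not EOF. */
    n = splice(pfd[0], NULL, fd, NULL, data_len, 0);
    rejected = (n == -1 && errno == EINVAL);
    if (fstat(fd, &st) == 0)
        result = (rejected && st.st_size == seed_len);
out_pipe:
    close(pfd[0]);
    close(pfd[1]);
out:
    if (fd >= 0)
        close(fd);
    unlink(path);
    return result;
}

int main(void)
{
    int r = splice_append_rejected();
    printf("splice into O_APPEND fd rejected: %d\n", r);
    return r != 1;
}
```

An exit status of 0 means the running kernel rejects the splice; any other status means the call was accepted or the scratch file could not be created.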

Priority

Low

Status

Package              Release   Status
linux-source-2.6.15  upstream  Not vulnerable (code not present)
                     dapper    Not vulnerable (code not present)
                     gutsy     Does not exist
                     hardy     Does not exist
                     intrepid  Does not exist

linux-source-2.6.22  upstream  Released (2.6.27)
                     dapper    Does not exist
                     gutsy     Released (2.6.22-16.60)
                     hardy     Does not exist
                     intrepid  Does not exist

linux                upstream  Released (2.6.27)
                     dapper    Does not exist
                     gutsy     Does not exist
                     hardy     Released (2.6.24-22.45)
                     intrepid  Not vulnerable

Patches:
upstream: http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git;a=commitdiff;h=efc968d450e013049a662d22727cf132618dcb2f